Introducing Figaro Module: Rails Configuration Gem

Written by urchmaney | Published 2020/01/29


INTRODUCTION

When working with Rails, there are times when you need to store configuration data that is used throughout the project. Some examples of situations where you might need configuration data are:
  • Storing API keys for external services.
  • Storing login credentials for services.
  • Storing application secrets.
This information is very sensitive. Anyone who gets hold of this data (which you might have paid for) will have all the privileges that come with it. In the hands of a malicious person, that can be detrimental to you.
So we need a way of keeping this information only in the local repository, because if it gets pushed to the remote repository it will be available to anyone who has read access to it. What do we do then? Don't worry, Figaro has your back.

FIGARO

Figaro is a Ruby on Rails gem. It uses a YAML file for all your configuration values and prevents this YAML file from being uploaded to the remote repository.

INSTALLATION

Installing Figaro is the same as installing any other Rails gem. Add the following to your Rails Gemfile.
gem "figaro"
Then run the following command to set up Figaro in your project.
bundle exec figaro install
Once that command has run successfully in your project, Figaro is ready to secure your configuration for you.

WORKINGS

Figaro helps to secure your configuration, but how does it work? Let's take a look under the hood. Figaro generates an 'application.yml' file when you run the command:
bundle exec figaro install
The file is found at 'config/application.yml'. This file is where you put all your configuration data. You can group your configuration data by environment (development, testing, or production) if the values differ between them. The default is the development environment. An example of the file setup is as follows.
# Top-level values, used unless an environment section below overrides them
pusher_app_id: "2954"
pusher_key: 7381a978f7dd7f9a1117
pusher_secret: abdc3b896a0ffb85d373
stripe_api_key: sk_test_2J0l093xOyW72XUYJHE4Dv2r
stripe_publishable_key: pk_test_ro9jV5SNwGb1yYlQfzG17LHK

# Environment-specific overrides
production:
  stripe_api_key: sk_live_EeHnL644i6zo4Iyq4v1KdV9H
  stripe_publishable_key: pk_live_9lcthxpSIHbGwmdO941O1XVU
test:
  stripe_api_key: sk_test_EeHnL644i6zo4Iyq4v1KdV9H
  stripe_publishable_key: pk_test_9lcthxpSIHbGwmdO941O1XVU

Figaro also adds an entry to your '.gitignore'. The entry keeps git from committing the 'application.yml' file, so it is not pushed to the remote repository.

The addition in the '.gitignore' file is as follows:
/config/application.yml
With all of this in place, you can access any configuration value in any '.rb' file in your project.

The expression below reads the configuration value stripe_api_key from the 'application.yml' above.
ENV['stripe_api_key']
It returns the following in the development environment:
'sk_test_2J0l093xOyW72XUYJHE4Dv2r'
this in the test environment:
'sk_test_EeHnL644i6zo4Iyq4v1KdV9H'
and this in production:
'sk_live_EeHnL644i6zo4Iyq4v1KdV9H'
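
The per-environment lookup above can be modelled in a few lines of Ruby. This is an added example, not code from the original article and not Figaro's own implementation: it assumes top-level values are shared and the section named after the current environment overrides them. The helper names resolve_config and missing_keys and all sample values are hypothetical and constructed for illustration.

```ruby
require "yaml"

# Constructed sample shaped like the article's config/application.yml.
# All values are made-up placeholders, not real keys.
SAMPLE_YAML = <<~YAML
  pusher_app_id: "2954"
  stripe_api_key: sk_test_default_example
  production:
    stripe_api_key: sk_live_production_example
  test:
    stripe_api_key: sk_test_testenv_example
YAML

# Hypothetical helper (not part of Figaro's API): compute the settings one
# environment would see. Top-level scalars are shared; a top-level mapping
# named after the environment overrides them.
def resolve_config(yaml_text, environment)
  raw = YAML.safe_load(yaml_text) || {}
  raise ArgumentError, "application.yml must be a mapping" unless raw.is_a?(Hash)

  shared = raw.reject { |_key, value| value.is_a?(Hash) }
  overrides = raw[environment].is_a?(Hash) ? raw[environment] : {}
  # ENV only holds strings, so stringify keys and values.
  shared.merge(overrides).to_h { |key, value| [key.to_s, value.to_s] }
end

# Hypothetical helper: names of required settings that are absent or blank,
# so a deploy can fail fast instead of running with a missing secret.
def missing_keys(config, required)
  required.reject { |key| config.key?(key) && !config[key].strip.empty? }
end

if __FILE__ == $PROGRAM_NAME
  %w[development test production].each do |env_name|
    config = resolve_config(SAMPLE_YAML, env_name)
    # Print only a short prefix: secrets should never be logged in full.
    puts "#{env_name}: stripe_api_key=#{config['stripe_api_key'][0, 7]}..."
    absent = missing_keys(config, %w[stripe_api_key stripe_publishable_key])
    puts "  missing: #{absent.join(', ')}" unless absent.empty?
  end
end
```

Running a check like missing_keys at boot surfaces a secret that was defined for one environment but forgotten in another before the first request needs it.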

HEROKU

Figaro was developed with deployment in mind and has a friendly interface with Heroku. With a simple command, you can port all your production configuration data to Heroku.
figaro heroku:set -e production
With the command above, Figaro gets all your configuration data to production. Easy, right?

CONCLUSION

Figaro makes working with your configuration data from development to production easy. It is simple to use. You could try it out.

Published by HackerNoon on 2020/01/29